Win32:Agent, locksky.nag, smitfraud just to name a few...

I happened to have multiple trojans into my computer, and now they are totally taking over.

I can't use safe mode (it jams, winlogon takes all processor time...), avast can't do anything but now and then inform of trojans, and worst of all, I think my computer is spamming email, since avast mailcontrol is frequently active without any use of mail.

I have smitfraudfix, but since I can't use safe mode, it doesn't do much. Even my CMOS was affected and my IDE hard drive was set to use SATA-RAID.

I have used spypot, avast, ad-aware and tried to use pocket killbox with no success to any direction. I am getting desperate, and I'm very grateful for any help. I try to keep my computer off as much as possible 'cos of the spam, of course.

Welcome to SWI. We apologize for the delay; our helpers have been very busy.If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Open the program and click on the Rootkit tab.Make sure all the boxes on the right of the screen are checked, apart from ‘Show All’.Click on Scan.When the scan has run click Copy and paste the results (if any) into this thread.

jedi

jedi

My help is free, but if you wish to help keep these forums running please consider a donation, see This Topic for details.

Save the file to the desktop as fix.reg and make sure the "Save as Type" field says "All Files". Then please go to the desktop and double-click on fix.reg, and click Yes to merge it with the registry.

Ok, there's no obvious reason why your PC won't boot into safe mode, so I'll give you the next set of instructions with the safe mode option, if you can't get into safe mode run DrWeb in normal mode:

Download Dr.Web CureIt to the desktop:ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exeNext, please reboot your computer in Safe Mode by doing the following:1) Restart your computer2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.3) Instead of Windows loading as normal, a menu should appear4) Select the first option, to run Windows in Safe Mode.

Doubleclick the drweb-cureit.exe file and Allow to run the express scan

This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.

Once the short scan has finished, mark the drives that you want to scan.

Select all drives. A red dot shows which drives have been chosen.

Click the green arrow at the right, and the scan will start.

Click 'Yes to all' if it asks if you want to cure/move the file.

When the scan has finished, look if you can click next icon next to the files found:

If so, click it and then click the next icon right below and select Move incurable as you'll see in next image:
This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured. (this in case if we need samples)

After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list

Save the report to your desktop. The report will be called DrWeb.csv

Close Dr.Web Cureit.

Reboot your computer!! Because it could be possible that files in use will be moved/deleted during reboot.

After reboot, post the contents of the log from Dr.Web you saved previously in your next reply.

Also:

Please do the following:Run a BitDefender Online scan Here and post the results.

jedi

jedi

My help is free, but if you wish to help keep these forums running please consider a donation, see This Topic for details.

Hmm. So, I can't properly read to my own thread anymore with IE, and I don't have neither cookie nor password for Firefox.

First of all, thanks a lot to jedi for helping me. I haven't posted because of the reason mentioned, but your help has, I think, solved most of what was wrong. My computer may have gotten little slower, but at least I think it isn't sending spam anymore.

Do Start > My Computer. Right-Click on Local Disk C. Click Properties > Tools.Under 'Error-Checking' click 'Check Now'. Under 'Check Local Disk C’ check both boxes and click 'Start'. You will be prompted to restart. Do so. You will get a blue screen on restart, be patient, the error-check takes time, your PC will start normally when it is complete.